CVE-2023-42791
Published 2024-02-20
Priority: P2 · 61
Severity: high · CVSS 3.1 base score 8.8 · vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 4.18% (89.7th percentile)
A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 through 7.0.8 and 6.4.0 through 6.4.12 and 6.2.0 through 6.2.11 allows an attacker to execute unauthorized code or commands via crafted HTTP requests.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortianalyzer | — | — |
| fortinet | fortianalyzer | 6.2.0 – 6.2.11 | — |
| fortinet | fortianalyzer | 6.4.0 – 6.4.12 | — |
| fortinet | fortianalyzer | 7.0.0 – 7.0.8 | — |
| fortinet | fortianalyzer | 7.2.0 – 7.2.3 | — |
| fortinet | fortimanager | — | — |
| fortinet | fortimanager | — | — |
| fortinet | fortimanager | >= 6.2.0 < 6.2.12 | 6.2.12 |
| fortinet | fortimanager | 6.2.0 – 6.2.11 | — |
| fortinet | fortimanager | >= 6.4.0 < 6.4.13 | 6.4.13 |
| fortinet | fortimanager | 6.4.0 – 6.4.12 | — |
| fortinet | fortimanager | >= 7.0.0 < 7.0.9 | 7.0.9 |
| fortinet | fortimanager | 7.0.0 – 7.0.8 | — |
| fortinet | fortimanager | >= 7.2.0 < 7.2.4 | 7.2.4 |
| fortinet | fortimanager | 7.2.0 – 7.2.3 | — |
| fortinet | fortinet | — | — |
Detection & IOCs (extracted from sources)
- Vulnerability class is path traversal (CWE-22; specifically relative path traversal, CWE-23) reached through unrestricted file upload in FortiManager; monitor for crafted HTTP requests containing path traversal sequences (e.g., '../') targeting FortiManager endpoints.
- The attack vector is HTTP; inspect HTTP requests to FortiManager for path traversal patterns in file upload functionality, particularly requests that attempt to write files outside their intended directories.
- Affected FortiManager versions span multiple major branches; ensure version checks cover all listed branches: 7.4.0, 7.2.0–7.2.3, 7.0.0–7.0.8, 6.4.0–6.4.12, and 6.2.0–6.2.11.
GHSA
GHSA-c2qq-2j48-5pr5 (ghsa_unreviewed, 2024-02-20): CVE-2023-42791 [HIGH], CWE-22
Fortinet
FG-IR-23-189: Path traversal via unrestricted file upload (vendor_fortinet, 2024-02-20, CVSS 8.8)
CVE-2023-42791 [HIGH], CWE-22
CVEs: CVE-2023-42791
CWEs: CWE-22, CWE-23
CVSS: 8.8 (high)
Affected products: FortiManager, Fortinet
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2024-02-20